use hashlib as md5 and sha are deprecated

[plcapi.git] / PLC / Persons.py

diff --git a/PLC/Persons.py b/PLC/Persons.py
index 678697d..59ff6dd 100644 (file)
--- a/PLC/Persons.py
+++ b/PLC/Persons.py
@@ -10,7 +10,7 @@
 
 from types import StringTypes
 from datetime import datetime
-import md5
+import hashlib
 import time
 from random import Random
 import re
@@ -80,26 +80,12 @@ class Person(Row):
         """
 
         invalid_email = PLCInvalidArgument("Invalid e-mail address")
-        email_badchars = r'[][()<>|;^,\200-\377]'
 
-        # Pretty minimal, cheesy check.  We could do better...
-        if not email or email.count(' ') > 0:
+        if not email:
             raise invalid_email
-        if re.search(email_badchars, email) or email[0] == '-':
-            raise invalid_email
-
-        email = email.lower()
-        at_sign = email.find('@')
-        if at_sign < 1:
-            raise invalid_email
-        user = email[:at_sign]
-        rest = email[at_sign+1:]
-        domain = rest.split('.')
 
-        # This means local, unqualified addresses, are not allowed
-        if not domain:
-            raise invalid_email
-        if len(domain) < 2:
+       email_re = re.compile('\A[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9._\-]+\.[a-zA-Z]+\Z')
+        if not email_re.match(email):
             raise invalid_email
 
                # check only against users on the same peer  
@@ -130,7 +116,7 @@ class Person(Row):
         else:
             # Generate a somewhat unique 8 character salt string
             salt = str(time.time()) + str(Random().random())
-            salt = md5.md5(salt).hexdigest()[:8] 
+            salt = hashlib.md5(salt).hexdigest()[:8] 
             return crypt.crypt(password.encode(self.api.encoding), magic + salt + "$")
 
     validate_date_created = Row.validate_timestamp